Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: M$SQL cleanup incentives

  • From: Doug Clements
  • Date: Sat Feb 22 04:54:40 2003

I'll bite..

----- Original Message -----
From: "William Allen Simpson" <wsimpson@greendragon.com>
To: <nanog@merit.edu>
Sent: Friday, February 21, 2003 2:25 PM
Subject: Re: M$SQL cleanup incentives


[snip]
> I'm of the technical opinion that everyone will need to filter outgoing
> 1434 udp forever.
[snip]
> Iljitsch van Beijnum wrote:
> > Maybe the best approach is to try and deliberately infect the entire
> > local net every few minutes or so to detect new vulnerable systems while
> > the people installing them are still on the premises.
> >
> Gosh, should we do that for every known virus/worm/vulnerability?

Which is it? Where do you draw the line between something that's big enough
to block forever and something that's not worth tracking down? You lambast
him for attempting a solution that is foolish to apply for every known
possible problem where if your solution was applied as such, we'd have a
swiss-cheese internet in which any commonly used destination port is blocked
due to the scads of IIS/bind/fingerd/ftpd/whatever worms.

Have fun filtering.

> Or maybe you don't actually own and/or have legal and financial
> accountability for your own network?

Or maybe he likes having a network his customers can actually use.

--Doug





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.